Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
houssamix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4979
SQL injection vulnerability in index.php in the sondages module in KwsPHP 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a results action, a different module than CVE-2007-4956.2.
Kwsphp Kwsphp 1.0
1 EDB exploit
NA
CVE-2008-0149
TUTOS 1.3 allows remote malicious users to read system information via a direct request to php/admin/phpinfo.php, which calls the phpinfo function.
Tutos Tutos 1.3
1 EDB exploit
NA
CVE-2008-4764
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and previous versions in Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
Extplorer Com Extplorer
1 EDB exploit
NA
CVE-2008-0148
TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote malicious users to execute arbitrary shell commands via the cmd parameter in a direct request.
Tutos Tutos 1.3
1 EDB exploit
NA
CVE-2008-0222
Unrestricted file upload vulnerability in ajaxfilemanager.php in the Wp-FileManager 1.2 plugin for WordPress allows remote malicious users to upload and execute arbitrary PHP code via unspecified vectors.
Wordpress Filemanager 1.2
1 EDB exploit
NA
CVE-2008-0259
Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.
Minimal Design Minimal Gallery 0.8
1 EDB exploit
NA
CVE-2008-0283
PHP remote file inclusion vulnerability in /aides/index.php in DomPHP 0.81 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Domphp Domphp
1 EDB exploit
NA
CVE-2008-0425
Absolute path traversal vulnerability in explorerdir.php in Frimousse 0.0.2 allows remote malicious users to read arbitrary files and list arbitrary directories via a full pathname in the name parameter.
Frimousse Frimousse 0.0.2
1 EDB exploit
NA
CVE-2008-0490
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Wordpress Wp Cal Plugin 0.3
1 EDB exploit
NA
CVE-2008-0491
SQL injection vulnerability in fim_rss.php in the fGallery 2.4.1 plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the album parameter.
Fgallery Project Fgallery 2.4.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »